I want to upload my own asp.net website on IIS with IIS Manager. But when I do this, I get the following error
HTTP Error 500.19 - Internal Server Error The requested page cannot be
accessed because the related configuration data for the page is
invalid
Module IIS Web Core
Notification Unknown
Handler Not yet determined
Error Code 0x80070005
Config Error Cannot read configuration file due to insufficient permissions
Config File \\?\C:\Users\Yasso\Documents\Visual Studio 2008\WebSites\WebSite5\web.config
I searched many times for a solution for this error, but none of the solutions solved the error.
I have a problem with my IUSR account. I can't see this account in the "group or user names" in the properties of the web.config.
What is the problem?
This can also happen if the site is configured to use the IIS URL Rewrite module but it is not installed.
Finally, I got the solution for my problem. The ASP.net account did not appear in the IIS manager, because I didn’t check its checkbox in IIS. To do this in Windows 7 follow the steps:
Open control panel
Click on “program” link (not uninstall programs)
Click “turn windows features on/off” link
Locate “Internet Information services IIS” in the pop up window and expand its node
Expand the “World Wide Web Service” node
Expand “Application Development Features” node
Check the check box of “ASP.NET”
Then click ok button
Now, you will see the ASP.net account on the IIS manager and by default you will see the IIS account. Now, you should move your ASP.net website from “my document” to another place where the IIS have permission to access it (i.e. to another partition on your computer). Now, browse your website from the IIS manager and it should work.
Thanks a lot for Jeff Turner for the solution.
The message is saying that your configuration file is corrupt in some way. However it also says that it can't actually access the config file. So I'd ignore the original message about corruption/lack of validity as this is most likely just the effect of not being able to read the file due to a lack of authorization.
The reason it cannot read the config file is because the process running your web app does not have permission to access the file/directory. So you need to give the process running your web app those permissions.
The access rights should be fairly straightforward, i.e. at least Read, and, depending on your app, maybe Write.
Above, you mention IUSR etc. not being in the properties for web.config. If by that you mean that IUSR is not listed in the security tab of the file then it's a good thing. One doesn't want to give IUSR any kind of permission to web.config. The role IUSR is an anonymous internet user.
The file web.config should only be accessible through your application.
The problem is you haven't said which OS and IIS version you are using so it's difficult to advise which steps to take.
I.e. in IIS 7.5, the error message you're quoting is likely to occur due to your ApplicationPoolIdentity not being assigned the permissions. Your web application belongs to an application pool and so you need to give the permissions to the OS account that your web application's application pool runs under. Often this is something like NetworkService but you may have customized it to run under a purpose made account. Without more info it's difficult to help you.
I was having the same problem, here is the solution that worked for me.
IIS Manager
Right clicked on that Website
Edit Permissions
Added user 'IIS_IUSRS' from Security tab
Gave full permissions to User 'IIS_IUSRS'
Set the Application Pool's Identity to 'ApplicationPoolIdentity'
For Visual Studio (VS) developers:
As hinted at by Harvey Darvey, Savage, and Snives, your Application Host Configuration may be pointing to the wrong application physical path. Search for virtualDirectory within /.vs/config/applicationhost.config to change the physicalPath if it is incorrect.
Make sure the physicalPath is correct:
Just to chip in, I received the same kind of error and my problem was quite simple: I was missing the .NET Core Hosting Bundle. Once I installed the tool and restarted the server, it was fine.
You can find the manual to host asp.net core on windows here: https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/iis/?view=aspnetcore-2.2
To resolve this, make sure you installed the hosting bundle.
https://dotnet.microsoft.com/download/dotnet-core/3.1
Facepalm alert:
You will also get this error if the path to the config file is wrong. Double-check it to make sure the physical path is entered correctly in IIS.
You need to assign permissions for IIS_IUSRS on the local machine (but you don't have to assign for IUSR, in fact it will work even if you explicitly deny permissions).
To assign permissions, just right click on the folder and on the security tab make sure to grant the correct permissions, and if the user is not listed then click "ADD", and enter IIS_IUSRS (and make sure that under "domain" the local computer is selected, or enter in the name field YourLocalComputerName\IIS_IUSRS), and then you are good to go.
If you want you can instead of assigning permissions to the IIS_IUSRS group, you can instead assign to the app pool which should in general be "IIS APPPOOL\ app pool name".
The same thing happened with me , Try checking this by double clicking on the Connection strings on the right pane of IIS 7 when you select a website.
It will give you an error (that there is some problem with web config file), because you have used URL rewrite rules and the respective component is not installed.
Install “Microsoft URL Rewrite Module 2.0 for IIS 7” and this should fix your problem
Install ASP.NET Core module
Download the installer using the following link:
https://www.microsoft.com/net/permalink/dotnetcore-current-windows-runtime-bundle-installer
Nothing here worked for me, I found this command in another SO answer though and it solved my problem. Just start command prompt as an administrator and run this command:
run->cmd
run "c:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe -i"
Credit: User Vicxx
Ehm. I had moved my site/files to a different folder. Without changing the path in the IIS website.
You may all laugh now.
I do these steps to solve this problem in
Windows Server 2012, IIS 8.5. Should work for other versions too.
Go to server manager, click add roles and features
In the roles section choose: Web Server
Under Security sub-section choose everything (I excluded digest, IP restrictions and URL authorization as we don't use them)
Under Application Development choose .NET Extensibility 4.5, ASP.NET 4.5 and both ISAPI entries
In the features section choose: NET 3.5, .NET 4.5, ASP.NET 4.5
In the web server section choose: Web Server (all), Management Tools (IIS Management Console and Management Service), Windows
Make sure you have the application pool set to the correct version of the framework. You'll also need to make sure your aspnet, IIS_IUSRS, or IUSR users have read access to the application's directory.
Try installing the 'Application Development' sub component of IIS as mentioned in this SO
Click "Start button" in the search box, enter "Turn windows features
on or off"
in the features window, Click: "Internet Information
Services"
Click: "World Wide Web Services"
Click: "Application
Development Features"
Check (enable) the features. I checked all but
CGI.
One other possibility that fixed this problem for me:
IIS -> Edit Permissions -> Security Tab -> Give "Users" appropriate permissions (or IIS_IUSRS, depending on your setup)
This also happened to me when I had a default document of the same name (like index.aspx) specified in both my web.config file AND my IIS website. I ended up removing the entry from the IIS website and kept the web.config entry like below:
<system.webServer>
<defaultDocument>
<files>
<add value="index.aspx" />
</files>
</defaultDocument>...
Sometimes this message has can be missing components in your IIS environment e.g. a particular framework, or an IIS feature like dynamic compression, rather than permissions to web.config.
If this is the case, a solution can be to install and use the Microsoft Platform Installer and install those missing components - you might have to take a stab at what exactly is missing because the error log and message don't tell you.
Actually, any missing module can lead to this problem. In my case, it was CORS Module. So read the web.config and seek for any addon module that you specified in it and check that it is installed, or install it otherwise. Unfortunately, the error message does not help finding the problem at all.
Pretty straight forward, IIS doesn't have access to your web.config. I'd start by taking the site out of your documents folder. Verify it has r/w permissions then as well.
You need to set permission for your Website folder or copy they to wwwroot folder :)
- If set permission, have 2 way:
+ Right click to Your Website folder
+ Or right click to Your Website in IIS
=> select Edit permission and Add a permission (IUSR - default iis user)
Good luck ;-)
You can get this error if you have a synax error or issue in your web.config file.
For me, it was a stray ampersand in a URL that I was using in the AppSettings.
In my case, it caused by application physical path point to a non-existent folder in IIS.
got this problem with mapped drives, IIS doesn't work with mapped drives. Just use the unmapped drive.
I had the issue as I copied my web.config file down from prod, changed everything not prod related except the Rewrite rules which were rewriting to httpS.
Removed those rules and ran fine.
I too had the similar issue and i fixed it by commenting some sections in web.config file.
The project was earlier built and deployed in .Net 2.0. After migrating to .Net 3.5, it started throwing the exception.
Resolutions:
If your configuration file contains "<sectionGroup name="system.web.extensions>", comment it and run as this section is already available under Machine.config.
On the IIS 7.5 error page you get click on 'View more Information' at the bottom of the page and in this case it will take you to the following Microsoft link:
http://support.microsoft.com/kb/942055
The 0x80070005 Error Code seems to be permissions related and following the steps in Resolution 2, Method 2 assigning the correct accounts with permissions on relevant folders should fix it - I spent 3 days looking for a solution until I came across it, worked straight after.
Explore the folder where your website is store and see you will get one extra folder "aspnet_client" delete that folder and it will work for you.
I tried this my problem is solved.
If it works for you please make it as answer so that some body else will also get solution.
None of this worked for me, but I finally have a solution which worked for me:
remove this line in web.config:
<compilation debug="true" targetFramework="4.5"/>
don't remove this line
<compilation debug="true"/>
I'm running Win 10, VS Express for Web 2015. I have an existing asp.net membership database that I want to amend using the Web Site Administration Tool.
I followed this hack to manually start the Web Site Administration Tool via the IIS: Visual Studio 2013 and ASP.NET Web Configuration Tool
The Web Site Administration Tool launches fine. However, when I go to the security tab, I get the following error message: Access to the path 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\19aec8c6\ee1f4195\hash' is denied.
I've gone into the Temporary ASP.Net files folder and changed the properties for my userid to give me full control, yet I continue to run up against the same error.
Update: I turned on the IIS in the Windows Feature and that seemed to make some progress. Now when I run the Web Site Administration Tool, I get a different error when I click on the security tab: Access to the path 'C:\Users\XXXX\AppData\Local\Temp\Temporary ASP.NET Files\root\19aec8c6\ee1f4195\hash' is denied.
Any suggestions?
Did you notice the update left on the referenced answer;
IMPORTANT EDIT: I am sorry, I just realized that it matters if you start console with administrator priviledges. Don't do that. If console has administrator rights, the Web Configuration Tool shows this error on the Security page:
There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store. The following message may help in diagnosing the problem: Access to the path 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\1c3fef5c\2180c7f9\hash' is denied.
Looks like the same issue.
Just Change TEMP location to "C:\Windows\Temp" and restart Visual Studio
If you wish, you can reset TEMP location to "%USERPROFILE%\AppData\Local\Temp" after work fine.
/* Make some changes to .csproj file */
...
Workspace workspace = GetWorkspace( localBranchPath, serverBranchPath );
workspace.PendEdit( csprojFilePath );
At this point, my non-fatal error handler for VersionControlServer catches an ItemNotFound error. However, if I run workspace.PendEdit( csprojFilePath + ".balls" ) in the Watch window of the Visual Studio debugger, no errors occur and the file is properly checked out.
I have confirmed that the file is not marked as read-only and that the user running IIS / the app deployment and the user being impersonated both have NTFS and TFS full control permissions to the .csproj file.
TFS and its concept of 'workspaces' is likely the cause of your troubles. Weird things can happen if you have more than 1 workspace on machine. Can you log which workspace which gets acquired when you run your app in IIS ? It's likely not the same (or none at all!) as the one which Visual Studio automatically creates for you and gets/uses when you run it from VS.
EDIT: Just remembered something from my work when I was a 'build engineer': TFS creates workspaces per user and caches those for fast access in an xml files in a folder something like C:\Users[sepcific user]\AppData\Local\Microsoft\Team Foundation ... . Check that xml file. So I'm pretty sure your user under which your IIS app pool is running under cannot see your normal user workpsace under which VS is running. Try set your own user as the IIS app pool user and see what happens. Pretty sure will work like in Visual Studio. So the mapping workspace(s) to *user is very concrete - you may need to create a new workspace for your IIS account & maybe download the files as well.
Other possibilities:
A permission issue or the IIS machine cannot see the (network ?) folder you it needs to see.
Start your Visual Studio as the user under which your application pool on IIS is running (in Windows 7 hold down shift & right click to see the option to run as different user) and see if you can get the same exception. If you do it's a permission issue.
If you don't get the same error go to the IIS server from the hosting location where your application is running from and try to access the path as if it would be accessed by your app.
Turns out there were two things wrong with my code (predictably, the .csproj extension had nothing to do with it):
I'd been checking in a different file before the .csproj; despite my originally having recursively set non-read-only + full control, this was automatically re-setting the read-only attribute on everything, which evidently led to problems with my subsequent check-out attempts.
In some instances, be it because of conflicts or other reasons, I needed to do a force get latest (GetOptions.Overwrite) before modifying and checking out the .csproj file.
I have developed a website that allows users to upload office documents then uses the office object model to convert the document to an HTML file that it then displays in an iFrame.
I have, of course, included references to Office.interop.word, and the site works fine on my development machine. When I uploaded it to my production server the site functions fine until I try to upload a document. I initially got a similar error that said "COM object not registered". I realized that Word wasn't installed on my production server. So I installed word and now when the server tries to access the word object model I receive the following error:
Retrieving the COM class factory for component with CLSID {000209FF-0000-0000-C000-000000000046} failed due to the following error: 80070005 Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
I searched the registry for the corresponding CLSID and found a corresponding folder. I added full control to the IUSR_ account and due to the persistence of the error I eventually added full control to "everyone" and ensured these permissions inherited down to the rest of the folder. I then added full control to IUSR_ and again eventually added full control to "everyone" to my microsoft office folder.
I don't know what other permissions to grant and where in order to make this "Access is denied" error go away. I must be granting them in the wrong place, because as far as I know I can't be any more permissive than "Everyone" "Full Control".
Can anyone shed any light?
Ok, I resolved this problem with this steps:
In the command line put DCOMCNFG
Expand Console Root > Component Service > Computers, right-click on My Computer, And Select Properties
In the Tab COM Security > Launch and Activation Permissions Click in Edit Default
Add the User (Ex. IIS_IUSRS) or service
Check Allow Local Launch and Local Activation
Then Excel, Word and other applications can work, good luck.
This worked for me:
In the command line put DCOMCNFG
Component Services -> Computers -> My Computer -> DCOM Config
Find "Microsoft Word 97 - 2003 Document" (If it is missing check if your Word is also 64 bit (if your Windows is) if it is not run mmc comexp.msc /32
instead of DCOMCNFG on step 1 as suggested by Darkseal here)
Right click -> Properties
Go To Tab Security and Edit the "Customize" radio buttons so that IIS_IUSRS could have rights for launch and access
Go to Tab Identity and choose "The interactive user"
Apply changes and try again
If all this fails, go also to tab "General" and in "Authentication Level" drop down choose "None".
Look in the Event Viewer, under Windows Logs, System, on the server machine where Word is installed. Do you see an event logged that reads something similar to:
The machine-default permission
settings do not grant Local Activation
permission for the COM Server
application with CLSID
{148BEE7F-6123-41EE-8CCA-E390902BD0D8}
to the user SomeMachine\SomeUser SID
(S-1-5-21-483881670-2168941642-1987552629-1003) from address LocalHost (Using LRPC).
This security permission can be
modified using the Component Services
administrative tool.
If so, run DCOMCNFG.EXE, and go to Component Services, Computers, My Computer (or whatever name), DCOM Config (and you can just answer "No" if it asks if you want to fix anything) and if the event log message is for an application, then find it by the name in the event log message, here by item name, and if the event log message is for a CLSID (like the example above) then find it by the CLSID "{148B...}" (that's just a random CLSID I pasted in -- probably it will match your 000209FF... above), and select More actions... Properties, to the Security tab.
Here, you can select [x] Customize and then Edit, to add permission for the appropriate user account to activate and access the required DCOM application or class.
It's just a guess, but give that a try, or something along these lines (i.e. granting access to the CLSID via DCOMCNFG).
I had my hard times figuring this out using the accepted answer, because the Microsoft Word 97 - 2003 Document record wasn't listed among DCOM Config items. I found the solution in this Technet blog post, where they correctly explained the issue:
It’s important to note that if you install 32-bit Microsoft Office on
a 64-bit machine, you may need to use the 32-bit DCOM config manager
to view the programs, depending on your operating system.
On x64 operating systems from Windows XP to Windows Server 2008, the
64-bit version of DCOMCNFG.EXE does not correctly configure 32-bit
DCOM applications for remote activation. This behavior causes
components that are meant to be activated remotely instead being
activated locally. This behavior does not occur in Windows 7 and
Windows Server 2008 R2 and higher versions.
Ref.:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms678426(v=vs.85).aspx
And also suggested to use the following command-line command (instead of DCOMCNFG) as an effective fix:
mmc comexp.msc /32
Which forces loading the 32-bit DCOM config manager instead of the 64-bit one and allows to perform the steps described within the accepted answer. If this still doesn't work, the article also explains a number of other possible workarounds.
For further info regarding this topic, you can also read this post on my blog.
If you cannot find Microsoft Word Application in DCOM
On 64 bit system with 32 bit Office try this:
List item
Start
Run
mmc-32
File
Add Remove Snap-in
Component Services
Add
OK
Console Root
Component Services
Computers
My Computer
DCOM Config
after that
Find "Microsoft Word 97 - 2003 Document" (If it is missing check if
your Word is also 64 bit (if your Windows is))
Right click -> Properties
Go To Tab Security and Edit the "Customize" radio buttons so that
IIS_IUSRS could have rights for launch and access
Go to Tab Identity and choose "The interactive user" Apply changes
and try again
If all this fails, go also to tab "General" and in "Authentication
Level" drop down choose "None".
In addition to the above, I encountered an issue that I thought I'd share in case other people run into it as well.
The application pool user of my .net app that was using interop was added to Admin but did not take effect due to iis caching environment. After performing the above in addition to an iisreset to reflect proper admin status of the app pool user, everything worked fine.